Cisco IOS XE Software Autonomic Networking Infrastructure Certificate Revocation Vulnerability

Information

Severity

Medium

Family

CISCO

CVSSv2 Base

5.0

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Solution Type

Workaround

Created

5 years ago

Modified

3 years ago

Summary

A vulnerability in the Autonomic Networking feature of Cisco IOS XE Software could allow an unauthenticated, remote, autonomic node to access the Autonomic Networking infrastructure of an affected system, after the certificate for the autonomic node has been revoked.

Insight

The vulnerability exists because the affected software does not transfer certificate revocation lists (CRLs) across Autonomic Control Plane (ACP) channels. An attacker could exploit this vulnerability by connecting an autonomic node, which has a known and revoked certificate, to the autonomic domain of an affected system.

Detection Method

Checks if a vulnerable version is present on the target host.

Solution

Administrators can mitigate this vulnerability by doing the following for autonomic nodes that were disconnected from the Autonomic Network domain:

- Ensure that the certificate and key information for the node is deleted properly
- Update the Autonomic Networking whitelist file on the registrar

These actions will prevent the autonomic node from re-establishing connectivity to the Autonomic Network domain of an affected system.

Common Vulnerabilities and Exposures (CVE)